Northwestern secures Office 365 & Box with Next-Gen CASB

Case Study

Northwestern University, one of the country’s leading research and academic institutions with over 20,000 students and 3,000 faculty members, selected the Bitglass Next-Gen cloud access security broker to achieve total data protection. Bitglass is set to become a critical piece of this institution’s security infrastructure as they migrate to the cloud and enable mobile access. As with many institutions in the education and research sectors, Northwestern’s security and infrastructure teams required a solution that could scale with the university’s needs and effectively protect hundreds of terabytes of institutional data.

For a large research university, intellectual property licensing can become a very valuable revenue stream, and IP under development must be protected while simultaneously being shared with external research partners. At the same time, Northwestern is home to a large medical school, which means they need to comply with HIPAA regulations.

The team at Northwestern evaluated several cloud access security broker (CASB) solutions for their ability to secure mobile, prevent data loss, and control access to the university’s cloud applications – namely Box and Office 365. The ability to protect several cloud applications immediately, with a future need for potentially many more applications, was a critical component of Northwestern’s decision making process. Given their influential, tech savvy faculty, they also required a mobile security solution that could protect data without agents and that wouldn’t pose a privacy or deployment challenge. Visibility across all SaaS apps and IaaS workloads, zero-day malware detection, and support for existing security infrastructure were also important for the Northwestern team. After extensive testing, Northwestern chose Bitglass for its real-time data protection, visibility, threat protection, and identity capabilities. With granular DLP policies around sensitive research data, Northwestern is able to track and encrypt files in real-time. Similarly, access policies enable IT to distinguish between managed and unmanaged devices for controlled access based on device risk profile. Only Bitglass’ CASB solution was able to provide real-time data protection without invasive agents.

“Bitglass was the only CASB platform that provided protection for IP and HIPAA data across our cloud footprint. Their new innovations in machine-learning based DLP are solving critical problems around data identification and control. Bitglass’ agentless, realtime architecture was absolutely required to meet the needs of our user base, ensuring a successful deployment.”